Chapter 14 Computer Security Threats Seventh Edition By William Stallings Operating Systems: Internals and Design Principles.

2 The art of war teaches us to rely not on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable. — THE ART OF WAR, Sun Tzu

4 Confidentiality
 Data confidentiality assures that private or confidential information is not made available or disclosed to unauthorized individuals
 Privacy assures that individuals control or influence what information related to them may be collected and stored, and by whom and to whom that information may be disclosed
Integrity
 Data integrity assures that information and programs are changed only in a specified and authorized manner
 System integrity assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system
Availability
 Assures that systems work promptly and service is not denied to authorized users

5 Security Objectives:
 Confidentiality - a loss of confidentiality is the unauthorized disclosure of information
 Integrity - a loss of integrity is the unauthorized modification or destruction of information
 Availability - a loss of availability is the disruption of access to or use of information or an information system

6 Two further concepts are often added to the core of computer security:
Authenticity
 The property of being genuine and being able to be verified and trusted; confidence in the validity of a transmission, a message, or message originator
 Verifying that users are who they say they are and that each input arriving at the system came from a trusted source
Accountability
 The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity
 We must be able to trace a security breach to a responsible party
 Systems must keep records of their activities to permit later forensic analysis to trace security breaches or to aid in transaction disputes

7 Threats & Their Effects
Multiple threatening actions generate four types of consequences:
 Unauthorized disclosure
 Deception
 Disruption
 Usurpation

12 Scope of System Security

13 Examples of Threats to System Assets

14 Passive Attacks
 Attempts to learn or make use of information from the system but does not affect system resources
 Are in the nature of eavesdropping on, or monitoring of, transmissions
 Goal of the attacker is to obtain information that is being transmitted
 Difficult to detect because they do not involve any alteration of the data
 It is feasible to prevent the success of these attacks by means of encryption
 Emphasis in dealing with passive attacks is on prevention rather than detection
Types:
 release of message contents
 traffic analysis

15 Active Attacks
 Involve some modification of the data stream or the creation of a false stream
 Four categories:
1. Replay
 involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect
2. Masquerade
 takes place when one entity pretends to be a different entity
3. Modification of messages
 some portion of a legitimate message is altered, or messages are delayed or reordered, to produce an unauthorized effect
4. Denial of service
 prevents or inhibits the normal use or management of communications facilities
 disruption of an entire network either by disabling the network or by overloading it with messages so as to degrade performance

16 Intruder Behavior Patterns
 Hackers: usually in it for fun and status, not necessarily looking for financial gain
 Criminals: organized, efficient, may have a social or financial objective
 Internal threats: employees, usually – may have a grudge against the company
See page 617 for more details

17 Malware
 General term for any malicious software
 Software designed to cause damage to or use up the resources of a target computer
 Frequently concealed within or masquerades as legitimate software
 In some cases it spreads itself to other computers via e-mail or infected discs

19 Backdoor
 Also known as a trapdoor
 A secret entry point into a program that allows someone to gain access without going through the usual security access procedures
 A maintenance hook is a backdoor that programmers use to debug and test programs
 Become threats when unscrupulous programmers use them to gain unauthorized access
 It is difficult to implement operating system controls for backdoors

20 Logic Bomb
 One of the oldest types of program threat
 Code embedded in some legitimate program that is set to "explode" when certain conditions are met
 Once triggered a bomb may alter or delete data or entire files, cause a machine halt, or do some other damage

21 Trojan Horse
 Useful, or apparently useful, program or command procedure that contains hidden code that, when invoked, performs some unwanted or harmful function
 Trojan horses fit into one of three models:
1) continuing to perform the function of the original program and additionally performing a separate malicious activity
2) continuing to perform the function of the original program but modifying the function to perform malicious activity or to disguise other malicious activity
3) performing a malicious function that completely replaces the function of the original program

22 Mobile Code
 Programs that can be shipped unchanged to a heterogeneous collection of platforms and execute with identical semantics
 Transmitted from a remote system to a local system and then executed on the local system without the user's explicit instruction
 Often acts as a mechanism for a virus, worm, or Trojan horse to be transmitted to the user's workstation
 Takes advantage of vulnerabilities
 Popular vehicles for mobile code include Java applets, ActiveX, JavaScript, and VBScript

23 Multiple-Threat Malware
 Infects in multiple ways
 Typically the multipartite virus is capable of infecting multiple types of files
 A blended attack uses multiple methods of infection or transmission to maximize the speed of contagion and the severity of the attack
 An example of a blended attack is the Nimda attack
Nimda uses four distribution methods:
 E-mail
 Windows shares
 Web servers
 Web clients

24 Virus
 Software that "infects" other programs by modifying them
 carries instructional code to self-duplicate
 becomes embedded in a program on a computer
 when the infected computer comes into contact with an uninfected piece of software, a fresh copy of the virus passes into the new program
 infection can be spread by swapping disks from computer to computer or through a network
A computer virus has three parts:
 an infection mechanism
 trigger
 payload

25 Virus Phases
Dormant Phase
 the virus is idle
 will eventually be activated by some event
 not all viruses have this stage
Propagation Phase
 the virus places an identical copy of itself into other programs or into certain system areas on the disk
Triggering Phase
 the virus is activated to perform the function for which it was intended
 triggering phase can be caused by a variety of system events
Execution Phase
 the function is performed
 the function may be harmless (message on screen) or damaging (destruction of programs and data files)

26 Virus Classification by Target
 Boot sector infector: infects a master boot record or boot record and spreads when a system is booted from the disk containing the virus
 File infector: infects files that the operating system or shell consider to be executable
 Macro virus: infects files with macro code that is interpreted by an application

27 A virus classification by concealment strategy includes:
 Encrypted virus: a random encryption key encrypts the remainder of the virus
 Stealth virus: hides itself from detection by antivirus software
 Polymorphic virus: mutates with every infection; the mutation engine is the portion of the virus that is responsible for generating keys and performing encryption/decryption
 Metamorphic virus: mutates with every infection; rewrites itself completely after every iteration

28 E-mail Viruses
 The first rapidly spreading e-mail viruses made use of a Microsoft Word macro embedded in an attachment
 If the recipient opens the e-mail attachment, the Word macro is activated
 the virus sends itself to everyone on the mailing list in the user's e-mail package
 the virus does local damage on the user's system
 In 1999 a newer, more powerful version of the e-mail virus appeared
 can be activated merely by opening an e-mail that contains the virus rather than opening an attachment
 the virus uses the Visual Basic scripting language supported by the e-mail package

29 Worm
 A program that can replicate itself and send copies from computer to computer across network connections
 Upon arrival the worm may be activated to replicate and propagate again
 In addition to propagation the worm usually performs some unwanted function
 Actively seeks out more machines to infect, and each machine that is infected serves as an automated launching pad for attacks on other machines

30 To replicate itself a network worm uses some sort of network vehicle:
 Electronic mail facility: a worm mails a copy of itself to other systems so that its code is run when the e-mail or an attachment is received or viewed
 Remote execution capability: a worm executes a copy of itself on another system, either using an explicit remote execution facility or by exploiting a program flaw in a network service to subvert its operations
 Remote log-in capability: a worm logs on to a remote system as a user and then uses commands to copy itself from one system to the other

31 Bot
 A program that secretly takes over another Internet-attached computer and then uses that computer to launch attacks that are difficult to trace to the bot's creator
 also known as a Zombie or drone
 Typically planted on hundreds or thousands of computers belonging to unsuspecting third parties
 Collection of bots acting in a coordinated manner is a botnet
A botnet exhibits three characteristics:
1) the bot functionality
2) a remote control facility
3) a spreading mechanism to propagate the bots and construct the botnet

32 Uses of Bots
 Distributed denial-of-service (DDoS) attacks: causes a loss of service to users
 Spamming: sending massive amounts of bulk e-mail (spam)
 Sniffing traffic: a packet sniffer is used to retrieve sensitive information like user names and passwords
 Keylogging: captures keystrokes
 Spreading new malware: botnets are used to spread new bots
 Installing advertisement add-ons and browser helper objects (BHOs): set up a fake Web site and negotiate a deal with hosting companies that pay for clicks on ads
 Attacking Internet Relay Chat (IRC) chat networks: victim is flooded with requests, bringing down the IRC network; similar to a DDoS attack
 Manipulating online polls/games: every bot has a distinct IP address so it appears to be a real person

33 Remote Control Facility
 Distinguishes a bot from a worm: a worm propagates and activates itself, whereas a bot is controlled from some central facility
 A typical means of implementing the remote control facility is on an IRC server
 all bots join a specific channel on this server and treat incoming messages as commands
 More recent botnets tend to use covert communication channels via protocols such as HTTP
 Distributed control mechanisms are also used to avoid a single point of failure

34 Rootkit
 Set of programs installed on a system to maintain administrator (or root) access to that system
 Root access provides access to all the functions and services of the operating system
 The rootkit alters the host's standard functionality in a malicious and stealthy way
 with root access an attacker has complete control of the system and can add or change programs and files, monitor processes, send and receive network traffic, and get backdoor access on demand
 A rootkit hides by subverting the mechanisms that monitor and report on the processes, files, and registries on a computer

35 System-Level Call Attacks
 Programs operating at the user level interact with the kernel through system calls
 In Linux each system call is assigned a unique syscall number
 Three techniques that can be used to change system calls:
 modify the system call table
 modify system call table targets
 redirect the system call table
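An integrity-check sketch, added here as an illustration and not part of the original slides or the book: a defender compares a known-good baseline of the system call table against a later snapshot and reports which of the three tampering techniques above it sees. The addresses, syscall numbers and handler bytes are constructed sample values, not real kernel data.

```python
"""Baseline-vs-snapshot integrity check for a system call table.
Models the three tampering techniques named on the slide: a modified table
entry, a modified target (patched handler code) and a redirected table.
All addresses, syscall numbers and handler bytes are constructed values."""
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class TableSnapshot:
    base: int       # address the dispatcher reads the table from
    entries: dict   # syscall number -> handler address
    code: dict      # handler address -> first bytes of the handler


def code_hash(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def check_syscall_table(baseline: TableSnapshot, snapshot: TableSnapshot) -> list:
    """Return (technique, syscall number) findings; an empty list means clean."""
    findings = []
    if snapshot.base != baseline.base:              # technique 3: table redirected
        findings.append(("redirected_table", None))
    for nr, addr in baseline.entries.items():
        if snapshot.entries.get(nr) != addr:         # technique 1: entry overwritten
            findings.append(("modified_entry", nr))
            continue
        if code_hash(snapshot.code.get(addr, b"")) != code_hash(baseline.code[addr]):
            findings.append(("modified_target", nr))  # technique 2: handler patched
    return findings


# Constructed baseline: three syscall numbers with made-up handler addresses and bytes.
_BASE = 0xFFFFFFFF81A00000
_HANDLERS = {0: 0xFFFFFFFF81234000, 1: 0xFFFFFFFF81234100, 2: 0xFFFFFFFF81234200}
_CODE = {a: bytes([0x55, 0x48, 0x89, 0xE5, n]) for n, a in _HANDLERS.items()}
BASELINE = TableSnapshot(_BASE, dict(_HANDLERS), dict(_CODE))

# Constructed tampered snapshot: entry 2 now points into a loaded module and the
# first bytes of handler 1 have been replaced by a jump; the table base is unchanged.
TAMPERED = TableSnapshot(_BASE, {**_HANDLERS, 2: 0xFFFFFFFFC0001000},
                         {**_CODE, _HANDLERS[1]: bytes([0xE9, 0x00, 0x10, 0x00, 0x00])})
# Constructed redirected snapshot: entries and code intact, but a different table is used.
REDIRECTED = TableSnapshot(0xFFFFFFFFC0002000, dict(_HANDLERS), dict(_CODE))

if __name__ == "__main__":
    for name, snap in (("clean", BASELINE), ("tampered", TAMPERED), ("redirected", REDIRECTED)):
        print(name, check_syscall_table(BASELINE, snap))
```

On a real system the baseline would be taken from a trusted source (a measured boot or a pristine kernel image) rather than from the running kernel itself, since a rootkit that controls the kernel can also feed the checker false data.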

36 Summary
 Computer security is the protection afforded to an information system to preserve system resources
 CIA triad is confidentiality, integrity, availability; the fundamental security objectives
 Threat consequences: unauthorized disclosure, deception, disruption, usurpation
 Computer and network assets: hardware, software, data, communication lines
 Network security attacks can be classified as passive attacks and active attacks
 Intruders: hackers, criminals, insider attacks
 Malware – malicious software
 Backdoor – a secret entry point
 Virus – a piece of software that can infect and modify other programs; three parts are infection mechanism, trigger, and payload
 Worm – a program that can replicate itself across a network
 A strategy for locating and identifying vulnerable machines is scanning or fingerprinting
 A program that secretly takes over another Internet-attached computer and uses it to launch attacks is a bot
 Rootkit – a set of programs installed on a system to maintain administrator access to that system
